security
Posted 2 weeks agoSenior Security Engineer
at Near
GlobalRemote
Responsibilities
- Lead the information security program across NEAR Foundation, with a dotted line into NEAR Intents’ security leadership on shared work.
- Drive SOC II Type 2 and ISO 27001 readiness and ongoing compliance at NEAR AI: control design, evidence collection, auditor liaison, and remediation.
- Support the needs and operation of the NEAR Security Committee (NSC).
- Run logging, monitoring, and alerting; lead investigation and response for security incidents.
- Run vulnerability management, third-party risk reviews, and security awareness across the organization.
- Own the security architecture and hardening of our identity, access, and endpoint stack (SSO/MFA, MDM, EDR, conditional access, privileged access) — partnering with the IT Director and IT Operations team on day-to-day operations.
- Engineer security and compliance automation across our SaaS estate — evidence collection, control monitoring, access reviews, and workflows that tighten controls and reduce manual work.
- Lead security tooling rollouts and security vendor selection; provide deep security input into the broader IT roadmap and technical due diligence. Cloud and Policy
- Maintain the security policy library; ensure policies are accurate, enforced, and updated as we evolve. What We're Looking For
- GROW CONSTANTLY: learn, improve and fail productively so the project and community are always becoming more effective
Requirements
- NEAR Foundation supports the growth of the NEAR ecosystem — including NEAR AI, NEAR Intents, and the underlying NEAR Protocol — across multiple entities and product nodes.
- Near-term priorities include leading SOC II Type 2 and ISO 27001 readiness at NEAR AI, supporting the needs of the NEAR Security Committee (NSC), and partnering with the incoming NEAR Intents Head of Security on shared standards. What You'll Do
- Help maintain a secure cloud footprint (AWS / GCP) — baseline configuration, secrets management, and posture monitoring — in partnership with infrastructure and product teams.
- experience across IAM, endpoint, and at least one cloud (AWS or GCP).
- Comfortable scripting (Python, Go, or Bash) and automating IT and security workflows. Practical
- experience with SSO/IdP platforms (Okta, Google Workspace, Entra), MDM/EDR tooling, and modern logging/SIEM stacks.